Case Study on How to secure your infrastructure with AWS. Impact of Attacks or Threats.

NonPetya ransomware attack:

Maersk to reinstall all 4000 servers, 45000 PCs & 2500 Application with fortune loss worth $300 million.

The proverb “Trouble Never Comes Alone” is stated clearly in the recent times with the following cases.

Recently the logistics & Shipping giant Møller-Maersk from Denmark faced a awful ransomware attack on their global infrastructure. This disaster costed them a fortune worth $300 Million. The situation became so critical that the whereabouts of the ships, consignments, manpower, infra, IT all where on stake for more than 10 days.

The Chairman Jim Hangman quoted  “Its a very significant wake-up call for Maersk, and you could say, a very expensive one.”.

However the company has revealed that the catastrophic ransomware attack which affected their businesses across the globe in 2017-18 required close to a “complete infrastructure” reconditioning & reinstallation for thousands of machines and servers.

Maersk infra was attacked by Petya ransomware which made their IT systems and operational controls so vulnerable that they were completely disconnected from their global network. An unimaginable situation emerged where the company’s valuable assets like ships carrying 10 to 20 thousand containers which are usually docking/undocking in every 15 to 20 minutes had no IT connectivity. This incurred them with multiple losses in terms of money, serious business interruption, expensive hardware & loose ends to their business.

A firm with established offices over 130 countries and a workforce of around 0.09 Million people suffered a lot. Adding to this the company had to reinstall 4,000 servers, 45,000 PCs, and 2,500 applications to restore the whole system. But in an audacious event of “Attempt for Restoration” was conducted within 10 days, which might have lasted for more than 6 months of war-zone situation.  With the hard work and sincere efforts of the IT team the company experienced around 20% of volume drop and while the rest 80% was managed manually until the system came back to functional condition.

Maersk was not the only victim, there were several other business giants like TNT Express, FedEx, Reckitt Benckiser, Saint-Gobain, Mondelez International & Merck & Co. were also some names which suffered a collective business loss worth £250 Million under this attack.

Here arises some important questions:

1. Does system security is underestimated at times?
2. Being any kind of business isn’t it an important aspect to implement more secure ecosystem?
3. Will it be easy to afford those expensive Hardware/Software solutions again in the event of such attack on the IT infrastructure?
4. Does a firm is ready to pay more for a less secure system or rather want to pay less and have more secured system??
5. Is showing reluctance towards adopting advanced & safer technology is a thing to spare?

As every mission-critical workload needs a Reliable-Redundant-Highly Available infrastructure setup to sustain the workload demands. The present business models are so highly dependent on technology, that even a half hour down-time can cause the loss of millions. While on-prem infrastructure can provide good reliability. It comes with a heavy baggage of up-front investment and heavy maintenance costs. Considering the recent ransomware incidents on-prem infra is also proven to less secure in comparison to cloud.

Now let’s see why AWS is better than any other Cloud Service.

On the very primary note Amazon Web Services is itself a pretty Smooth & Secure services to chose upon.

AWS Comprises of the Following features which will help you to understand Why to opt. for it?

Security

AWS is a secure, durable technology platform with industry-recognised certifications and audits: PCI DSS Level 1, ISO 27001, FISMA Moderate, HIPAA, and SAS 70 Type II. AWS services and data centres have multiple layers of operational and physical security to ensure the integrity and safety of your data.

Compliance

AWS has achieved Level 1 Payment Card Industry (PCI) compliance and is now a validated PCI Service Provider. This is a key designation that provides a means for merchants and other service providers to become PCI-certified while storing, processing, and transmitting credit card information in AWS. This validation also provides further clarity and assurance for customers evaluating the breadth and strength of our security practices.

Auditing

AWS has successfully completed a Statement on Auditing Standards No. 70 (SAS70) Type II Audit, and has obtained a favourable unbiased opinion from its independent auditors. SAS70 certifies that a service organisation has had an in-depth audit of its controls (including control objectives and control activities), which, in the case of AWS, relates to operational performance and security to safeguard customer data. AWS will continue efforts to obtain the strictest of industry certifications in order to verify its commitment to provide a secure, world-class cloud computing environment.

Agility and Instant Elasticity

AWS provides a massive global cloud infrastructure that allows you to quickly innovate, experiment, and iterate. Instead of waiting weeks or months for hardware, you can instantly deploy new applications, instantly scale up as your workload grows, and instantly scale down based on demand. Whether you need one virtual server or thousands; whether you need them for a few hours or 24/7—you still only pay for what you use at no extra cost.

Redundancy

AWS provides a highly durable storage infrastructure designed for mission-critical and primary data storage. Objects are redundantly stored on multiple devices across multiple facilities. Once stored, durability of your objects is maintained by quickly detecting and repairing any lost redundancy.

Low Cost

AWS offers low, pay-as-you-go pricing with no up-front expenses or long term commitments. We are able to build and manage a global infrastructure at scale, and pass the cost saving benefits onto you in the form of lower prices. With the efficiencies of our scale and expertise, we have been able to lower our prices on 15 different occasions over the past four years.

Open and Flexible

AWS is a language and operating system-agnostic platform. You choose the development platform or programming model that makes the most sense for your organisation. You can choose which services you use—one or several—and choose how you use them. This flexibility allows you to focus on innovation, not infrastructure.